Vulnerabilities > Twilio
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-02 | CVE-2024-39891 | Information Exposure Through Discrepancy vulnerability in Twilio Authy and Authy Authenticator In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. | 5.3 |
| 2020-09-10 | CVE-2020-24655 | Race Condition vulnerability in Twilio Authy 2-Factor Authentication 24.3.7 A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices (effectively bypassing the PIN requirement). | 1.9 |